If you cut and paste the above into a .bat file and name it something like install.bat, you can invoke it like this:install.bat user_name footprint certificate_filename certificate_password
For example:install.bat "IIS App Pool\AppPool1" bc4da1aa2b7116abe33277a44eaab2135210e23b certificate.pfx password

Some pre-requisites/gotchas:

You will need Microsoft’s FindPrivateKey tool which will locate the certificate in the store. You can obtain FindPrivateKey in the WCF samples: download

You can also use FindPrivateKey to locate the certificate by subject name, but I found that locating it by footprint was more reliable for multi-line subjects

To grant access an IIS app pool access to the certificate, you need to specify the app pool name in the format"IIS App Pool\app_pool_name"

Installing the certificate on a remote machine

I used the SysInternals tool PSExec to run the script on remote machines, using the below parameters:PSExec.exe /accepteula \\hostname -i -s -w remote_working_folder cmd /c "script_with_parameters"
Where:

hostname: the hostname on which the script will run

remote_working_folder: folder on the host which contains the certificate to import and the FindPrivateKey tool exe

script_with_parameters: the batch file to run with all parameters specified